devise_ldap_authenticatable 0.1.2 → 0.1.3
Sign up to get free protection for your applications and to get access to all the features.
data/README.md
CHANGED
|
@@ -19,7 +19,11 @@ You must use the net-ldap gem and _NOT_ the ruby-net-ldap gem.
|
|
|
19
19
|
Installation
|
|
20
20
|
------------
|
|
21
21
|
|
|
22
|
-
|
|
22
|
+
gem install devise_ldap_authenticatable
|
|
23
|
+
|
|
24
|
+
and
|
|
25
|
+
|
|
26
|
+
config.gem 'devise_ldap_authenticatable'
|
|
23
27
|
|
|
24
28
|
Setup
|
|
25
29
|
-----
|
|
@@ -85,6 +89,8 @@ In initializer `config/initializers/devise.rb` :
|
|
|
85
89
|
# Required
|
|
86
90
|
config.ldap_host = 'ldap.mydomain.com'
|
|
87
91
|
config.ldap_port = 389
|
|
92
|
+
config.ldap_base_dn = 'ou=People,dc=local'
|
|
93
|
+
config.ldap_login_attribute = 'uid'
|
|
88
94
|
|
|
89
95
|
# Optional, these will default to false or nil if not set
|
|
90
96
|
config.ldap_ssl = true
|
|
@@ -93,10 +99,26 @@ In initializer `config/initializers/devise.rb` :
|
|
|
93
99
|
|
|
94
100
|
* ldap\_host
|
|
95
101
|
* The host of your LDAP server
|
|
102
|
+
|
|
96
103
|
* ldap\_port
|
|
97
|
-
* The port your LDAP service is listening on.
|
|
104
|
+
* The port your LDAP service is listening on.
|
|
105
|
+
|
|
106
|
+
* ldap\_base_dn
|
|
107
|
+
* The DN that is appended to the login before the LDAP bind is performed.
|
|
108
|
+
|
|
109
|
+
* ldap\_login_attribute
|
|
110
|
+
* The attribute that is prepended to the login and the base dn to form the
|
|
111
|
+
full DN that is used for the bind.
|
|
112
|
+
* Example:
|
|
113
|
+
* config.ldap\_base_dn = 'ou=People,dc=local'
|
|
114
|
+
* config.ldap\_login_attribute = 'uid'
|
|
115
|
+
* So when trying to login with 'admin' for example, 'admin' would be
|
|
116
|
+
the value stored in login field, but the actual DN used for the bind
|
|
117
|
+
would be 'uid=admin,ou=People,dc=local'
|
|
118
|
+
|
|
98
119
|
* ldap\_ssl
|
|
99
120
|
* Enables SSL (ldaps) encryption. START_TLS encryption will be added when the net-ldap gem adds support for it.
|
|
121
|
+
|
|
100
122
|
* ldap\_create\_user
|
|
101
123
|
* If set to true, all valid LDAP users will be allowed to login and an appropriate user record will be created.
|
|
102
124
|
If set to false, you will have to create the user record before they will be allowed to login.
|
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
0.1.
|
|
1
|
+
0.1.3
|
|
@@ -14,13 +14,21 @@ module Devise
|
|
|
14
14
|
mattr_accessor :ldap_port
|
|
15
15
|
@@ldap_port = nil
|
|
16
16
|
|
|
17
|
+
# Base DN
|
|
18
|
+
mattr_accessor :ldap_base_dn
|
|
19
|
+
@@ldap_base_dn = nil
|
|
20
|
+
|
|
21
|
+
# Attribute for login
|
|
22
|
+
mattr_accessor :ldap_login_attribute
|
|
23
|
+
@@ldap_login_attribute = nil
|
|
24
|
+
|
|
17
25
|
# Use SSL
|
|
18
26
|
mattr_accessor :ldap_ssl
|
|
19
27
|
@@ldap_ssl = false
|
|
20
28
|
|
|
21
29
|
# Add valid users to database
|
|
22
30
|
mattr_accessor :ldap_create_user
|
|
23
|
-
|
|
31
|
+
@@ldap_create_user = false
|
|
24
32
|
end
|
|
25
33
|
|
|
26
34
|
# Add ldap_authenticatable strategy to defaults.
|
|
@@ -7,6 +7,7 @@ module Devise
|
|
|
7
7
|
module LdapAdapter
|
|
8
8
|
|
|
9
9
|
def self.valid_credentials?(login, password)
|
|
10
|
+
login = ::Devise.ldap_login_attribute+'='+login+','+::Devise.ldap_base_dn
|
|
10
11
|
@encryption = ::Devise.ldap_ssl ? :simple_tls : nil
|
|
11
12
|
ldap = Net::LDAP.new(:encryption => @encryption)
|
|
12
13
|
ldap.host = ::Devise.ldap_host
|
|
@@ -32,7 +32,7 @@ module Devise
|
|
|
32
32
|
# Authenticate a user based on configured attribute keys. Returns the
|
|
33
33
|
# authenticated user if it's valid or nil.
|
|
34
34
|
def authenticate_with_ldap(attributes={})
|
|
35
|
-
return unless attributes[:login].present?
|
|
35
|
+
return unless attributes[:login].present?
|
|
36
36
|
conditions = attributes.slice(:login)
|
|
37
37
|
|
|
38
38
|
unless conditions[:login]
|